CVE-2002-0641

Published: Jul 23, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query.

Affected (2)

Products: Microsoft: Msde, Sql Server

2 products

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Msde	Version 2000
Microsoft Sql Server	Version 2000

References (12)

http://marc.info/?l=bugtraq&m=102639885223746&w=2

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/682620

Source: cve@mitre.org

US Government Resource

http://www.ngssoftware.com/advisories/ms-sqlbi.txt

Source: cve@mitre.org

http://www.securityfocus.com/bid/4847

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-034

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A316

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=102639885223746&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/682620

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.ngssoftware.com/advisories/ms-sqlbi.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/4847

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-034

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A316

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.